Why Security is the Elephant in the Room When It Comes to Big Data

The more sensitive information you gather, the bigger the target on your back in the eyes of hackers and cyber criminals. These aspects are often overlooked when big data conversations come up. However, if your company is sitting on heaps of data it uses to fuel marketing campaigns, customer loyalty programs, and make other critical business decisions, you need to be earnest in keeping this information safe and secure. But with a host of big data security challenges in your path, this may be a case of easier said than done.

Weak at the Heart: Limited Security in Hadoop

As the foundation of most big data implementations, Hadoop does a lot of amazing things. Reliably safeguarding data isn’t one of them. While the platform excels at managing both structured and unstructured data in distributed fashion, it was not designed to deliver out of the box enterprise security. For this reason, organizations that want a peace of mind must turn to third party tools in order to secure their big data infrastructures with encryption, policy enforcement, and other mechanisms.

Hadoop does offer one built-in security tool in Kerberos, which it uses for authentication. Kerberos bolsters data security by using symmetric cryptography to authenticate the use of network services and eliminate the need for passwords to be transmitted over the network. Unfortunately, this network protocol can be extremely diffiuclt to implement. And due to an inability to play well with others, using it with different authentication protocols can actually put passwords at risk, which is why some call Kerberos an all or nothing security solution.

Big data security may not be a such big deal if the limiations of Hadoop were the only thing you had to worry about. To maximize its potential, Hadoop is used in conjunction with a number of other technologies, many of which are lacking in security prowess as well. NoSQL, for instance, is sometimes said to translate to “no security” due to a combination of inherited vulnerabilities and the limited knowledge of users just getting a handle on this relatively new technology.

The Cloud Encryption Conundrum

With on-demand access to critical resources, cloud computing can support big data infrastructures from offering storage to providing analytical insights. On the other hand, the cloud can also complicate matters from a security perspective, particularly when encryption is involved. Data can’t be decrypted by commercially available algorithms once in the cloud, where users may need to perform a number of operational tasks. As a result, companies are forced to upload sensitive information to the cloud in unencrypted form, which is unnerving for several reasons.

Due to the sheer volume and sensitivity of the information, a big data breach can have devasting repercussions that not only impact the company, but its employees, customers, and business partners. Time will tell whether the flexibility, scalability, and efficiency benefits of technologies like Hadoop are worth the added security challenges, risks, and headaches that come with the territory. So how do you cope? Stay tuned for our follow-up post where discuss the best practices of big data security.

Why Security is the Elephant in the Room When It Comes to Big Data
by Big Data Companies